search

holodeck-b2b / Holodeck-B2B

Holodeck B2B is an AS4 system-to-system messaging solution that implements the OASIS specifications for ebMS3 and it's AS4 profile. For more information visit the project website
http://holodeck-b2b.org
GNU General Public License v3.0
68 stars 36 forks source link

Send a Signing message with a gzip attachment #143

Closed AlbertTse closed 1 year ago

AlbertTse commented 1 year ago

Hi,

I configured Pmode with "signing" property. Sender_Pmode_Signing When I send out message with "gzip" attachment, Sender_mmd_gzip_attachment "Authentication of message unit failed" error show. ErrorMsg_Authentication of message unit failed

If I send out message with a simple document attachment (e.g., xml), it works.

Any additional configuration is required for "gzip" attachment? Does it support signing with a gzip attachment?

Pmode / mmd files as follow

  1. Sender Pmode setting: Sender_Pmode_ex-pm-push-auth-init_with_sign.txt
  2. Receiver Pmode setting: Receiver_Pmode_ex-pm-push-auth-resp_with_sign.txt
  3. mmd with "gzip" attachment Sender_msg_ex-mmd-push-auth_with_sign_gzip.mmd.txt
  4. mmd with simple xml attachment Sender_msg_ex-mmd-push-auth_with_sign_xml.mmd.txt
sfieten commented 1 year ago

Hi @AlbertTse, please note that compression of the payloads can only be enabled in the P-Mode by adding a //UserMessageFlow/PayloadProfile/UseAS4Compression element with value true. This means that in you "gzip" scenario the compression feature is not used and the payload and its meta-data is sent as is, meaning that the MIME type of the attachment is incorrectly indicated as application/xml. This probably causes the signature validation to fail as XML attachment are processed differently than other file types.